package com.itheima.web.shiro;

import com.itheima.common.utils.Encrypt;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.authc.credential.SimpleCredentialsMatcher;

public class CustomerCredentialMacher extends SimpleCredentialsMatcher {
    /**
     * 生成凭证
     * @param token
     * @param info
     * @return
     */
    @Override
    public boolean doCredentialsMatch(AuthenticationToken token, AuthenticationInfo info) {
        //取出表单中的明文密码和用户名
        UsernamePasswordToken usernamePasswordToken=(UsernamePasswordToken)token;
        String email = usernamePasswordToken.getUsername();
        String password=new String(usernamePasswordToken.getPassword());
        //对密码进行加密
        //使用加密工具对密码进行加密
        String mdPassword= Encrypt.md5(password,email);
        //数据库传来的密码
        String dbPassword=info.getCredentials().toString();
        return mdPassword.equals(dbPassword);
    }
}
